4c1cea19390f64384cd66258e61e387a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c1cea19390f64384cd66258e61e387a_JaffaCakes118
Size

164KB
MD5

4c1cea19390f64384cd66258e61e387a
SHA1

ce5188e4f7f912af770fa4182ded95f9059e1f0c
SHA256

678a271389d5040683aee5e3f4792e8b4ea95f08f9977fdb2dfac39bd1788bbc
SHA512

635632f65e74a30899ea264244048675bbc9be413cd2591134cc7924194f70b76ce03451db03cf05a8417bf5b07e0c56dc13b521e3a4de8f3683120e9d1aa17d
SSDEEP

3072:Rn253EhD9vIquejWFe0yPpArwxzPtzDv2NOOWKKigEeLBf0umvr5yfW8:RW09xuC0op/f+yKKigEYqr+W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c1cea19390f64384cd66258e61e387a_JaffaCakes118

Files

4c1cea19390f64384cd66258e61e387a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76ff3408334f264635f11cf7f1d0f81f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
BaseInitAppcompatCacheSupport
HeapValidate
HeapAlloc
ExitProcess
RtlUnwind
QueryPerformanceCounter
VirtualQuery
EnumResourceTypesW
GetSystemInfo
GetProcessHeap
FindFirstFileW
RaiseException
SetUnhandledExceptionFilter
VirtualProtect
IsBadReadPtr
HeapFree

gdi32

GetStockObject

oleacc

AccessibleChildren
CreateStdAccessibleProxyW

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ